From 61d0788893606b725a31b73131e6c1c57a71978c Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Sat, 26 Sep 2009 00:49:32 +0000 Subject: [PATCH] Revert broken rewrite of login system; totally broken. * Login doesn't attach to session properly, so can't stay logged in! * Password field shown in plaintext! If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk! Reverted: r56682 r56683 r56684 r56686 r56688 r56696 r56699 r56702 r56703 r56704 r56782 r56896 --- ConfirmEdit_body.php | 23 +++++++++++------------ 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/ConfirmEdit_body.php b/ConfirmEdit_body.php index 5bb6e7e..8c0d780 100644 --- a/ConfirmEdit_body.php +++ b/ConfirmEdit_body.php @@ -39,8 +39,8 @@ class ConfirmEditHooks { return self::getInstance()->triggerUserLogin( $user, $password, $retval ); } - static function injectUserLogin( &$sp ) { - return self::getInstance()->injectUserLogin( $sp ); + static function injectUserLogin( &$template ) { + return self::getInstance()->injectUserLogin( $template ); } static function confirmUserLogin( $u, $pass, &$retval ) { @@ -144,19 +144,18 @@ class SimpleCaptcha { * @param SimpleTemplate $template * @return bool true to keep running callbacks */ - function injectUserCreate( &$sp ) { + function injectUserCreate( &$template ) { global $wgCaptchaTriggers, $wgOut, $wgUser; if ( $wgCaptchaTriggers['createaccount'] ) { if ( $wgUser->isAllowed( 'skipcaptcha' ) ) { wfDebug( "ConfirmEdit: user group allows skipping captcha on account creation\n" ); return true; } - $sp->addFormHeader( + $template->set( 'header', "
" . $wgOut->parse( $this->getMessage( 'createaccount' ) ) . $this->getForm() . - "
\n" - ); + "\n" ); } return true; } @@ -164,18 +163,18 @@ class SimpleCaptcha { /** * Inject a captcha into the user login form after a failed * password attempt as a speedbump for mass attacks. + * @fixme if multiple thingies insert a header, could break * @param SimpleTemplate $template * @return bool true to keep running callbacks */ - function injectUserLogin( &$sp ) { + function injectUserLogin( &$template ) { if ( $this->isBadLoginTriggered() ) { global $wgOut; - $sp->addFormHeader( + $template->set( 'header', "
" . $wgOut->parse( $this->getMessage( 'badlogin' ) ) . $this->getForm() . - "
\n" - ); + "\n" ); } return true; } @@ -191,7 +190,7 @@ class SimpleCaptcha { */ function triggerUserLogin( $user, $password, $retval ) { global $wgCaptchaTriggers, $wgCaptchaBadLoginExpiration, $wgMemc; - if ( $retval == Login::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) { + if ( $retval == LoginForm::WRONG_PASS && $wgCaptchaTriggers['badlogin'] ) { $key = $this->badLoginKey(); $count = $wgMemc->get( $key ); if ( !$count ) { @@ -558,7 +557,7 @@ class SimpleCaptcha { if ( !$this->passCaptcha() ) { $message = wfMsg( 'captcha-badlogin-fail' ); // Emulate a bad-password return to confuse the shit out of attackers - $retval = Login::WRONG_PASS; + $retval = LoginForm::WRONG_PASS; return false; } } -- 2.39.5